Paper 2023/339

An Analysis of the Post Quantum and Classical Security of 4x4 and 16x4 S-Boxes and Their Implementations in Simplified-AES

Abstract

Grover’s algorithm is a quantum searching algorithm that poses a threat to symmetric cryptography. Due to their smaller key sizes, lightweight cryptographic algorithms such as Simplified-AES face a much more immediate threat from Grover’s algorithm than traditional cryptographic algorithms. By analyzing different S-boxes, it was discovered that the S-box 946C753AE8FBD012 may be more quantum resistant than the S-box that Simplified-AES uses, 94ABD1856203CEF7. In addition to this, 16x4 S-boxes (or 4 4x4 S-boxes) showed to be significantly more quantum secure than 4x4 S-boxes. This is because the number of gates needed to model a $2^n$x4 S-box increases at an exponential rate. It was also found that this property extends to $2^n$x8 S-boxes, implying the existence of a more quantum secure 8x8 S-box that AES could use. However, an increase in quantum security does not equate to an increase in classical security, as some of the least quantum secure S-boxes analyzed displayed some of the best classical security. Finally, an alteration of Simplified-AES that used a 16x4 S-box was found that displayed better classical and quantum security than Simplified-AES and did not require an increase in key size.